SHA1 vs crypto doc
Hal Murray
hmurray at megapathdsl.net
Sun Jan 7 07:09:37 UTC 2018
>> Looks like the shannn are blessed by FIPS 180-4
>> I'll update the doc to mention them.
> Better check to make sure the support is in place first. I think I remember
> floating a patch for that only to have Daniel thumbs-down it and say he
> was going to do do that.
That turned into an interesting adventure.
I have found 3 ways to get a list of the supported digests. The first is man
dgst. The second is from openssl help. The 3rd is to try it. ntpd prints
an error message if the specified digest type isn't supported. All 3 are
different on any of the systems I've tried.
I've added attic/digest.c to print a summary of available digests. (not
pushed yet)
I haven't found a good reference to what FIPS likes. In addition to FIPS
140-2, there is FIPS 180-4 and FIPS 202.
--
These are my opinions. I hate spam.
More information about the devel
mailing list